Electronic devices, such as a computer or computer system, commonly include an access terminal monitor, keyboard, and mouse, an operating system and or software, and may be connected to a network, including domain, or other control device for example, robotic or industrial controllers. An electronic device may also refer to other electronic machines, control systems, or devices with a HMI Human Machine Interface, including those used in retail, production, and other industries.
In general, in the interests of conciseness, in the present specification the term “computer” will be used to reference all such electronic devices with an HMI, and not only those more narrowly called computers.
The expression “computer access” is used to describe that a user person has the ability to interact with a computer in the broad sense of“computer” defined above through an access terminal. In turn, the user may have partial or full operative access to connected systems equipment, networks, software, data, etc. Operative access includes but is not limited to the ability to interact with a computer's operating system, software, data, network, etc.
Smartcards have become widely used in a system of “two-factor authentication,” meaning that the user must possess something a smartcard and know something a password, for be authenticated as a valid user and to have operative access to the computer. Typically, the computer user is required to insert his or her smartcard into a smartcard reader connected to the computer, and then enter a valid password in order to obtain computer access. A computer system's owner/administrator may authorize different users various levels or areas of computer access.
It is known to provide a person with a card that acts both as a photo ID and as a smartcard for access to computer systems. Conventionally, such cards are worn visibly by the user in a badge holder. The card is then removed from the badge holder and inserted into a card reader attached to the computer, for computer access. However, there is then a risk that the user will move away from his or her computer, leaving the card in the card reader. That both leaves the computer vulnerable to interference by an unauthorized user, and leaves the user without proper ID.
Since the smartcard is required for obtaining computer access, the computer may also monitor the presence of the smartcard in a smartcard reader so that when the smartcard is removed the computer access is limited or disabled.
Computers use various methods to determine the presence of the smartcard in the smartcard reader, including: a “card in position switch” that mechanically detects the presence of the card in the reader, smartcard's contacts; or continuous “polling” communication with the smartcard's integrated circuit.
A security risk is created if the computer is left unattended and accessible to an unauthorized user because a previous authorized user fails to remove his or her smartcard from the card reader before leaving the computer.
The design of conventional smartcards, smartcard holders, and smartcards readers requires the user to effectively lose possession of their smartcard, because it must be removed or disconnected from their smartcard holder, lanyard, wallet, etc. in order to insert the smartcard into the smartcard reader, or place the smartcard near a contactless reader. This approach is illustrated by, for example, U.S. Pat. No. 5,337,813, which shows a card holder for displaying a card as an ID badge designed to make the smartcard easily removable, implying a need by users who are constantly removing the smartcard to insert into a smartcard reader for computer access. Smartcard reader designs such as that shown in U.S. Pat. No. 6,015,092 illustrate a desire/need to make smartcard insertion and removal easier by orienting the slot into which the smartcard is inserted at a right angle. Furthermore, current smartcard readers are designed to be “fixed” in place. Examples are a built in reader on a laptop computer, or a desktop mounted card reader. In general the current designs of smartcard holders and readers require users to remove the smartcard from their persons and place the smartcard into the computer's smartcard reader in order to gain computer access. Since the user is not able to maintain possession of their smartcard during computer access the only method of mitigating the previously discussed security risk is to require users to remember to remove their smartcard when they leave a computer unattended.
Currently, it would be possible for a user to maintain possession of their smartcard during computer access by attaching the smartcard, without a protective holder, to a retractable ID reel worn by the user. The design of smartcards, smartcard readers, and smartcard holders presents several problems that make this an undesirable method. First, the smartcard reader may lack sufficient pressure to the smartcard's surface to supply enough frictional force to hold the smartcard in the smartcard reader against the retraction force from the reel. Second, a non-axial force applied to the smartcard by the tether may cause the smartcard to become stuck in the smartcard reader. That may result in the reader, and any attached equipment, being dragged out of position, or may result in either the smartcard or the entire reader coming loose suddenly. Any of those scenarios presents a risk of damage to the connected equipment or damage and/or injury to articles and/or persons in the “line of fire” of the tether. Third, the smartcard is not easy to insert into the narrow card receiving slot of a card reader, and may be even more difficult with the retractable reel attached.
The use of smartcards for computer access may be required in various working environments requiring repeated smartcard connections such that quick, blind by touch or feel, and even single handed application would be desirable. In addition various working environments may also require an both an easy smartcard disconnect and breakaway design so that the smartcard can be quickly removed and in the case where the user inadvertently fails to remove their smartcard it breaks free of the reader in such a fashion as to minimize or eliminate equipment damage or personal injury.
It has been proposed in US 2010/0265084 Augustinowicz to provide a badge holder including a smartcard reader interface with a cable that can be plugged into the computer, so that the smartcard can be used for computer access without being removed from the holder worn by the user. However, in that case, if the user moves away from the computer without disconnecting the cable, there is a risk that the cable connector or other components will be damaged, and/or computer equipment will be pulled onto the floor. A device commercially available from Stanley Global under the designation SGT-118 is advertised as including an “OSHA compliant safety breakaway lanyard.” However, the breakaway point appears to be in the lanyard that attaches the card holder to the user. Consequently, breaking away of the lanyard would leave the card and reader attached to the computer and detached from the user, presenting the same issues as the conventional arrangement. The breakaway lanyard is meant to prevent catastrophic injury for example, choking to death if the badge holder is caught in machinery or other equipment. It is not meant to break away in office environments where incidental accidents for example, becoming tangled in a phone cord would lead merely to damaged equipment. The Augustinowicz and Stanley Global devices are effectively standard smartcard readers worn around the neck with a USB extension cord. They are not user friendly or easy to connect and only attach and release axially.
In addition, the Augustinowicz and Stanley Global badge holders are expensive, because they include the sophisticated card reader chip and card detect circuitry in the badge holder. That is in many situations undesirable, because badge holders continually worn by people frequently become lost and damaged.
There is therefore a need for a system by which the smartcard can be easily connected to and released from the smartcard reader, and which, if the user moves away from the computer without disconnecting properly, separates safely and reliably, leaving the user wearing his badge, leaving all the expensive electronics attached to the computer, and leaving the computer unusable by an intruder, because the computer detects that the smartcard has been removed.